Lucene search
K

14 matches found

EUVD
EUVD
added 2026/04/16 6:31 p.m.6 views

EUVD-2025-209501

Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access...

5.1CVSS5.8AI score0.00176EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/23 12:26 p.m.4 views

CVE-2025-4320

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The vendor...

10CVSS5.4AI score0.0046EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:36 a.m.8 views

CVE-2019-7886

A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...

7.5CVSS6.7AI score0.01186EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/05 12:31 a.m.5 views

EUVD-2025-201305

The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account...

8.7CVSS6.5AI score0.00257EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3475

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01186EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:46 a.m.8 views

CVE-2019-6560

In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...

9.1CVSS6.8AI score0.01102EPSS
Exploits0References1
Prion
Prion
added 2023/10/29 1:15 a.m.15 views

Default credentials

Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9...

4.3CVSS8.7AI score0.00674EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2023/09/07 3:15 a.m.22 views

CVE-2023-34357

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has...

7.8CVSS7.7AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2023/08/09 3:15 a.m.28 views

CVE-2023-39910

The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. The use of an mt19937 Mersenne Twister PRNG restricts the internal entropy to 32 bits regardless of settings. This allows remote attackers to recover any wallet...

7.5CVSS7.5AI score0.01312EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2022/03/01 9:15 a.m.7 views

CVE-2022-0777

Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3...

7.5CVSS5.4AI score0.01221EPSS
Exploits1References3
Prion
Prion
added 2021/09/30 11:15 a.m.17 views

Improper access control

ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text...

4CVSS8.7AI score0.00718EPSS
Exploits1References1
NVD
NVD
added 2021/05/17 7:15 p.m.16 views

CVE-2021-29023

InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...

5.3CVSS0.00844EPSS
Exploits1References2
Prion
Prion
added 2021/05/17 7:15 p.m.14 views

Design/Logic Flaw

InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...

5CVSS5.5AI score0.00844EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2020/03/23 9:15 p.m.4 views

CVE-2019-6558

In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro Android App, the software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak...

7.5CVSS7.3AI score0.01132EPSS
Exploits0References1
Rows per page
Query Builder